§INTEGRATION · OPENAI AGENTS SDK

OpenAI Agents SDK, the full function-calling surface.

Client-side tools you declare in the Agents SDK can flow through our control plane just like any other OpenAI SDK client — set `OPENAI_BASE_URL` and go. One caveat, honestly stated: server-side vendor tools execute inside OpenAI and are invisible to an external control plane. Don't assume coverage for those.

ONE-LINE SETUP

Two lines. One terminal. Done.

Works with the Python and TypeScript Agents SDK alike. No SDK version pin required — the override is at the HTTP layer.

bash

$ curl -fsSL https://get.sentisec.ch | bash
$ export OPENAI_BASE_URL=https://api.sentisec.ch/v1

PATH OF A TOOL CALL

One hop. No framework rewrite.

Diagram is intentionally kept at the category level — the detail of the checks lives on the developer landing page and under NDA.

your Agents SDK app
   │
   ▼  proposed client-side actions
sentisec control plane
   │   cognitive integrity score · workspace policy
   ▼
OpenAI API
   │
   ▼
tool result back — or halt + reason

§CATCHES

What this catches

Client-side tools your agent declares — shell, HTTP, filesystem, custom tools.
Tool arguments that reference blocked filesystem paths or destination hosts outside your allowlist.
Halts when the next action looks like a hijack of the original task.

§LIMITS

What this doesn't (yet)

Responses API server-side tools are out of scope (`web_search`, `file_search`, `computer_use`, `remote_mcp`). We document this on the limits page.
If you use the Realtime API audio/voice surface, only client-side action routing is covered — the voice-content side is not a control-plane surface today.

Full limits page →

Try free →Read what we don't catch yet See the 90-second demo →